[OAUTH-WG] OAuth Open Redirector: Call for Adoption Finalized

Hannes Tschofenig <hannes.tschofenig@gmx.net> Thu, 04 February 2016 19:18 UTC

Return-Path: <hannes.tschofenig@gmx.net>
X-Original-To: oauth@ietfa.amsl.com
Delivered-To: oauth@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4B08D1ACDD9 for <oauth@ietfa.amsl.com>; Thu, 4 Feb 2016 11:18:14 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id qvWmaElX0E9m for <oauth@ietfa.amsl.com>; Thu, 4 Feb 2016 11:18:13 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.17.22]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AD711ACDD5 for <oauth@ietf.org>; Thu, 4 Feb 2016 11:18:12 -0800 (PST)
Received: from [192.168.10.140] ([80.92.118.18]) by mail.gmx.com (mrgmx102) with ESMTPSA (Nemesis) id 0MOCSm-1aO89u2Qyq-005V2B for <oauth@ietf.org>; Thu, 04 Feb 2016 20:18:10 +0100
To: "oauth@ietf.org" <oauth@ietf.org>
From: Hannes Tschofenig <hannes.tschofenig@gmx.net>
Openpgp: id=071A97A9ECBADCA8E31E678554D9CEEF4D776BC9
X-Enigmail-Draft-Status: N1110
Message-ID: <56B3A3F1.6010603@gmx.net>
Date: Thu, 4 Feb 2016 20:18:09 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="JqQcAkBtulUTGlXSbDAM0nFd733Aokx57"
X-Provags-ID: V03:K0:yqdp7xRinNloDt9+OoB28Mlq7LTWRh4DEGEx0EmaJBs/ToMzF22 75D4sNyCgjYB5gH6+zVfqrgGVI/dsAYt5IOICN1uChP43fxpUoxfdOTVN25CExexdrZHYWE Jn6LalYBw6Bn4dPJNfIU65Xl5UroxBABOY2o1ghSgiOIJIBz0dBcc5rxGTh2M7K4GYiQcNO l01ri7yNeMsrvdIvGystA==
X-UI-Out-Filterresults: notjunk:1;V01:K0:ETuvH/2E3eg=:WwxZeSyaFFhbtWW5edAT9y ttbIehzT7155sJPUSWd/PENHMxXj67MrTpDs4ONYIZ8073uBcp3v4rdzay+K938MMFU7n7hMk VFKW1CVFlreJ1sLfnCT8plv34//YRfzjPcNlrbpSlCKFZ3Z3BvX5dDrgAq07Edk/j45rlx5uw ro0BLz+L8PlkXyOujFseVpO0QcvFO97d6zhQfmJdK5Vr6eRiAEX1ZBo83YkcjlRybcl/mkPg4 rSZX+XUH9kdpjhWXl0Sgaa/pHjYHAGQOoHBG5Lr+agIntgcxd5YTYlILdgvN3wq7uz1NYQkXl vsCLLYSW1ZUMJCEr5ZXe2Ow48O6HfM6iSM/oOfDFeMiASw+3aOs0knf02mulDYOFepWIwzPON Nc25nJorfOV71BqzZsRmaZuYlzFgPrnHOVWXT3NyeGnumfddGI5g/o/6CWuKr/CzgSTWmlW/6 lNx7tNCTzaVK5ER2bhCEZn3uEBbckzrR1MjipqVg6abkhC/bPoh1x+8p/+zmbKkmbsmSwignk 0bBCpqh5spdh9TgP5mldCYnXqS3t1a3g8KNbVRnuXooPlu7nF1WZZDg/Xr5Pgtx3MusD5Jlp4 yS2VlUCuSRp7nud1KITKTLMjSvS8Vc/zhN9PV3WrlQ3R07WJWOoOtLEuvgzFzgwJp4tPQj3sf vyt0t/PiEzuYI9/zvWhYRO3Iank9y6IG5D2vnCnFzaXP7jE/0Vy7TvdDZvvqJ8IH+neY5vwCd dyvEmJOfzqFsJ/P21NkNM0+fFJ8X79JzhmwKthHh8HoAAh0qg+d+HkyF7B4=
Archived-At: <http://mailarchive.ietf.org/arch/msg/oauth/sy9fVI4Htl8U_dz5L6lSXYKvYTA>
Subject: [OAUTH-WG] OAuth Open Redirector: Call for Adoption Finalized
X-BeenThere: oauth@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: OAUTH WG <oauth.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/oauth>, <mailto:oauth-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/oauth/>
List-Post: <mailto:oauth@ietf.org>
List-Help: <mailto:oauth-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/oauth>, <mailto:oauth-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 04 Feb 2016 19:18:14 -0000

Hi all,

On January 19th I posted a call for adoption of the OAuth Open
Redirector specification, see
http://www.ietf.org/mail-archive/web/oauth/current/msg15401.html

There was positive feedback during the Yokohama IETF meeting to work on
security fixes and more than 10 persons responded positively to the call
on the mailing list. As requested, we will have to change the title of
the document to avoid given the impression that we want to use OAuth to
deploy open redirectors.

To conclude, based on the call <draft-bradley-oauth-open-redirector-02>
will become the starting point for work in the OAuth working group.
Please submit the document as draft-ietf-oauth-open-redirector-00.txt.

Ciao
Hannes & Derek